class ApprovalsController < ApplicationController
  before_filter :require_valid_request,   :only => ['approve', 'decline']
  before_filter :find_gallery,            :only => ['approve', 'decline', 'send_request', 'gallery']
  before_filter :require_login
  before_filter :require_authorized_user
  
  def gallery
  end
  
  def approve
    if params[:approval][:video_id]
      @video = Video.find(params[:approval][:video_id])
      @approval = Approval.find(:all, :conditions => ["video_id = #{params[:approval][:video_id]} AND gallery_id = #{params[:approval][:gallery_id]} AND user_id = #{params[:approval][:user_id]}"])
    elsif params[:approval][:photo_id]
      @photo = Photo.find(params[:approval][:photo_id])
      @approval = Approval.find(:all, :conditions => ["photo_id = #{params[:approval][:photo_id]} AND gallery_id = #{params[:approval][:gallery_id]} AND user_id = #{params[:approval][:user_id]}"])
    end
    unless @approval.empty?
      @approval.first.approve!
    else
      (@approval = Approval.new(params[:approval])) if params[:approval][:photo_id]
      (@approval = Approval.new(params[:approval])) if params[:approval][:video_id]
      @approval.approve!
    end
    render :partial => "approval"
  end

  def decline
    if params[:approval][:video_id]
      @video = Video.find(params[:approval][:video_id])
      @approval = Approval.find(:all, :conditions => ["video_id = #{params[:approval][:video_id]} AND gallery_id = #{params[:approval][:gallery_id]} AND user_id = #{params[:approval][:user_id]}"])
    elsif params[:approval][:photo_id]
      @photo = Photo.find(params[:approval][:photo_id])
      @approval = Approval.find(:all, :conditions => ["photo_id = #{params[:approval][:photo_id]} AND gallery_id = #{params[:approval][:gallery_id]} AND user_id = #{params[:approval][:user_id]}"])
    end
    unless @approval.empty?
      @approval.first.decline!
    else
      (@approval = Approval.new(params[:approval])) if params[:approval][:photo_id]
      (@approval = Approval.new(params[:approval])) if params[:approval][:video_id]
      @approval.decline!
    end
    render :partial => "approval"
  end
  
protected
  def require_valid_request
    unless (params[:approval][:video_id] || params[:approval][:photo_id]) && params[:approval][:gallery_id] && params[:approval][:user_id]
      flash[:error] = "This approval isn't properly formed"
      redirect_back_or_default('/')
    end
  end
  def require_login
    unless logged_in?
      flash[:error] = 'You must be logged in to do that'
      redirect_to login_url
    end
  end
  def find_gallery
    unless params[:approval].nil?
      @gallery = Gallery.find(params[:approval][:gallery_id])
    else
      @gallery = Gallery.find(params[:id])
    end
  end
  def require_authorized_user
    @gallery ||= Gallery.find(params[:id])
    unless @gallery.users.include?(current_user) || current_user.is_admin?
      flash[:error] = "You are not authorized to make approvals for this gallery"
      redirect_back_or_default('/')
    end
  end
end
